604 matches found
CVE-2026-13710
The Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Box widget's 'sgbodydescription' parameter in versions up to, and including, 3.2.6. This is due to insufficient input...
CVE-2026-13710
The Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Box widget's 'sgbodydescription' parameter in versions up to, and including, 3.2.6. This is due to insufficient input...
CVE-2026-53356
A flaw was found in the Linux kernel's drm/i915/gem component. This vulnerability occurs because the sgpage function incorrectly scales pread/pwrite operations for physical Buffer Objects BO when a non-zero offset is used. This can lead to incorrect memory access, potentially allowing an attacker...
SUSE-SU-2026:2689-1 Security update for sg3_utils
This update for sg3utils fixes the following issue Update to version 1.43+49.47792c16: - sginq: --export output conformance for SCSI name string and ATA fields bsc1267823...
CVE-2026-53304
A flaw was found in the Linux kernel's SCSI generic sg module. A local user could bypass the intended size restrictions for the defreservedsize module parameter. By setting this parameter to an invalid value and then attempting to open a SCSI generic device, the system can experience a soft locku...
SUSE CVE-2026-53304
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...
Linux Distros Unpatched Vulnerability : CVE-2026-53304
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be...
DEBIAN-CVE-2026-53304
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...
CVE-2026-53304
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...
UBUNTU-CVE-2026-53304
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...
CVE-2026-53304 scsi: sg: Resolve soft lockup issue when opening /dev/sgX
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...
EUVD-2026-39839
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...
CVE-2026-53304
CVE-2026-53304 affects the Linux kernel SCSI generic (sg) driver, specifically the def_reserved_size default buffer size for each /dev/sgX. The root cause is a bypass of sg_proc_write_dressz limits, allowing an invalid value to be written via the module parameter, which can trigger a soft lockup....
PT-2026-52943
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A soft lockup occurs when opening /dev/sgX due to improper validation of the def reserved size module parameter. While the sg proc write dressz function enforces a size limit between 0 a...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Do not sleep in atomic context The function sgfinishremreq calls blkrqunmapuser. The latter function may sleep. Therefore, call sgfinishremreq with interrupts enabled instead of disabled...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbd: fix dmaunmapsg nents The dmaunmapsg functions should be called with the same nents as the dmamapsg, not with the value returned by the map function...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: nvmet-tcp: bounds checks were added in nvmettcpbuildpduiovec. The nvmettcpbuildpduiovec function could exceed the range of cmd-req.sg when the length or offset of the PDU exceeds sgcnt. As a result, it might use bogus values f...
CVE-2026-46312
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vmaflags in vb2dmasgmmap vb2dmacontig sets VMA flags VMDONTEXPAND and VMDONTDUMP and I do not see a reason why vb2dmasg should behave differently. This avoids hitting WARNON!vma-vmflags & VMDONTEXPAND; in...
CVE-2026-46312
CVE-2026-46312 is a Linux kernel vulnerability involving media: videobuf2 where vb2_dma_sg_mmap did not set the VMA flags, potentially triggering a WARN_ON in drm_gem_mmap_obj() during mmap() of an imported dma-buf. The fix adds proper VMA flag handling in vb2_dma_sg_mmap_mmap (consistent with vb...
CVE-2026-46289
In the Linux kernel, CVE-2026-46289 concerns bugs in lib/scatterlist during extract_kvec_to_sg when transferring data from a kvec to a sglist. The main issues: (1) the computed length for a sglist entry can exceed the page size, causing overread; (2) while extracting a user buffer, the sglist can...